Policies and procedures are the core of any business: they are the guidelines that ensure the organisation is run efficiently and with minimum risk of loss and/or lawsuits. Cyber security practices are no different, yet they are not always treated with the same importance.
Cyber security practices can be extremely restrictive at times, but this is by design. Inconvenience is a major factor that prevents attackers from targeting an organisation: attackers evaluate the potential payday of breaching an organisation’s defences, and they move on unless it is worth the time spent.
Hacking is a form of business, so in most scenarios the financial gain is taken into account. There are also operational skill levels to consider, because not all hackers are the same and each skill level has its preferred targets. Much like in nature, all prey has predators (every target has an attacker). Cyber security practices outline the safest, most controlled way to interact digitally with systems and users, whether internal or external.
The following are examples of critical cyber security practices:
- Keep software up-to-date
- Avoid opening suspicious emails
- Keep hardware up-to-date
- Use a secure file-sharing solution
- Use anti-virus and anti-malware
- Use a VPN to privatise your connections
- Have all users check their links before clicking on them
- Don’t be lazy with your passwords!
- Disable Bluetooth when you don’t need it
- Enable 2-Factor Authentication
- Remove adware from your machines
- Double-check for HTTPS on websites
- Don’t store important information in non-secure places
- Scan external storage devices for viruses
- Avoid using public networks
- Avoid the ‘secure enough’ mentality
- Invest in security upgrades
- Back up important data
- Train employees regularly
- Use HTTPS on your website